<?php

class Hash
{
  /*
	* Hash::make('the_password_u_want');	
	*	
	*/
	static function make($given_password)
	{
		$salt = crypt(sha1(urlencode($given_password).uniqid()).rand(10000,99999));
		$pepper =  substr(base64_encode(sha1(bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM)))),5,12);	
		$password = hash('sha256',$salt.$given_password.$pepper);
		
		for($x=0;$x<8;$x++)
		{
			$work = hash('sha256',$password.hash('sha256',$salt.$x.sha1($pepper.$x)));
		}
		
		return $salt.substr(crypt($work),3).$pepper;
	}
	
	/*
	* Hash::check('password_input_from_user','hashed_password from db/text file etc');	
	*	
	*/
	static function check($given_password = FALSE,$password_from_db = FALSE)
	{
		if($given_password AND $password_from_db)
		{
			$salt = substr($password_from_db,0,34);
			$pepper = substr($password_from_db,-12);
			$pass = '$1$'.substr($password_from_db,34,31);
			
			$password = hash('sha256',$salt.$given_password.$pepper);
			
			for($x=0;$x<8;$x++)
			{
				$work = hash('sha256',$password.hash('sha256',$salt.$x.sha1($pepper.$x)));
			}
			
			return crypt($work,$pass) == $pass;
			
		}else{
			return FALSE;
		}
	}
}
